#!/bin/bash
ENV="gcc openssl-devel zlib-devel wget"
APP_DIR="/apps"
SOFTWARE_URL="https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-8.8p1.tar.gz"
SOFT="openssh-8.8p1"
PASS="@@H/JKtt895U558rzq"
USER="gogomonitor"
PASSE="#d589*Ktt89YY9758rz11p"
TXT="user_info"
echo "------Welcome to fix system------"
echo "------Download the must be env------"
yum update -y
yum install -y $ENV
echo "------Download OpenSSH software"
mkdir $APP_DIR
cd $APP_DIR
wget $SOFTWARE_URL
tar xf openssh-8.8p1.tar.gz
cd $APP_DIR/$SOFT
./configure &&make -j 2 &&make install
echo "------Making some config,just moment!"
cp -r  /etc/ssh/sshd_config /etc/ssh/sshd_config_bak
cp sshd_config /etc/ssh/sshd_config
sed -ri 's/^#(PermitRootLogin).*/\1 yes/g' /etc/ssh/sshd_config
sed -ri 's/^(Subsystem).*/\1 sftp \/usr\/libexec\/openssh\/sftp-server/g' /etc/ssh/sshd_config
sed -ir 's/#Port 22/Port 22880/g' /etc/ssh/sshd_config
echo "PasswordAuthentication yes" >> /etc/ssh/sshd_config
echo "PermitRootLogin no" >> /etc/ssh/sshd_config
echo "Ciphers aes128-ctr,aes192-ctr,aes256-ctr" >> /etc/ssh/sshd_config
echo 'OPTIONS="-f /etc/ssh/sshd_config"' >> /etc/sysconfig/sshd 
sed -ri 's/^(ExecStart=).*/\1\/usr\/local\/sbin\/sshd -D $OPTIONS/g' /usr/lib/systemd/system/sshd.service
sed -ri 's/^(Type=).*/\1simple/g'  /usr/lib/systemd/system/sshd.service
echo "------Now waiting moment to makeing some user------ "
touch /opt/$TXT.txt
useradd $USER
echo "$PASS" | passwd root --stdin > /dev/null 2>&1
echo "$PASSE" | passwd $USER --stdin > /dev/null 2>&1
sed -i '/## Allow root to run any commands anywhere/ agogomonitor    ALL=(ALL)       ALL' /etc/sudoers
sed -i '/## Same thing without a password/ agogomonitor    ALL=(ALL)       NOPASSWD: ALL' /etc/sudoers
cat >> /opt/$TXT.txt << EOF
[user_info]
root:$PASS
$USER:$PASSE
EOF
echo "------restart the ssh service------"
systemctl daemon-reload
systemctl restart sshd
cp /usr/bin/ssh{,.bak}
cp /usr/local/bin/ssh /usr/bin/ssh
echo "------Now finish------"
